Hi all, hoping you can assist! (running latest 6.8.1 service pack)
I've added an additional sql database as an authentication source (contains MAC addresses amungst other attributes). What I'm finding is if I use this in a service with endpoint reposity authentication source also configured, I am unable to authenticate the device when using in a MAC auth service.
If I use the authentication source on its own in a service (can be the exact same service or copy service) the authentication/autorization succeeds and there is no error in the access tracker!
After some troubleshooting, it turns out this is down to the known flag for the endpoint.
If known endpoint the service rejects, if unknown endpoint the service authorizes correctly.
Could someone explain this behaviour?
When authenticating devices with 802.1x we are setting the known flag - I suppose we could not bother doing this, but it would be helpful to understand pro's & con's.
Thanks in advance!